[lsc-changes] [Ldap Synchronization Connector (LSC)] page changed: documentation:tutorials:synchronizegroups

webmaster at lsc-project.org webmaster at lsc-project.org
Wed Jul 22 12:11:10 CEST 2009


A page in your DokuWiki was added or changed. Here are the details:

Date        : 2009/07/22 12:11
Browser     : Mozilla/5.0 (X11; U; Linux x86_64; fr; rv:1.9.0.11) Gecko/2009060309 Ubuntu/9.04 (jaunty) Firefox/3.0.11
IP-Address  : 82.67.204.30
Hostname    : tru75-2-82-67-204-30.fbx.proxad.net
Old Revision: http://lsc-project.org/wiki/documentation/tutorials/synchronizegroups?rev=1247216179
New Revision: http://lsc-project.org/wiki/documentation/tutorials/synchronizegroups
Edit Summary: 
User        : jclarke

@@ -1,27 +1,27 @@
  ====== Group membership synchronization ======
  
  ===== Presentation =====
  
- LSC can help you to synchronize groups from one directory to another. The problem is that most of the time, group membership is managed by DN (that means the DN of the users are the values of the member attribute of the group entry). Of course user DN is not the same in the source directory and in the destination directory: so we have to map each user DN for each membership value.
+ LSC can help you to synchronize groups from one directory to another. The problem is that most of the time, group membership is managed by DN (that means the DN of the users are the values of the member attribute of the group entry). Of course each user DN is not the same in the source directory and in the destination directory: so we have to map each user DN for each membership value.
  
- The major real use case is to synchronize groups from OpenLDAP to Active Directory. This tutorial describe it.
+ The major real use-case is to synchronize groups from OpenLDAP to Active Directory. This tutorial describes it.
  
  ===== LSC requirement =====
  
- We will use groupOfUniqueNames as source object and group as destination object, so you have to run LSC wizard to get:
+ We will use //groupOfUniqueNames// as source object and //group// as destination object, so you have to run LSC wizard to get:
    * org.lsc.objects.groupOfUniqueNames
    * org.lsc.beans.groupBean
  
- The connector will be "ldap2ldap".
+ The connector will be //ldap2ldap//.
  
- You should have a first task that synchronize users from OpenLDAP to AD, in order to make the DN mapping works. [[documentation:tutorials:openldaptoactivedirectory|See this tutorial to achieve this]].
+ You should have a first task that synchronizes users from OpenLDAP to AD, in order to make the DN mapping work. [[documentation:tutorials:openldaptoactivedirectory|See this tutorial to achieve this]].
  
  So we will create a second task in the connector to manage groups.
  
  ===== LSC configuration =====
  
- We suppose that groups are in the "ou=groups" branch in both directories, with such template for a source group:
+ We suppose that groups are in the "ou=groups" branch in both directories, with the following template for a source group:
  <file>
  dn: cn=group1,ou=groups,dc=example,dc=com
  objectClass: groupOfUniqueNames
  objectClass: top
@@ -57,16 +57,16 @@
  lsc.tasks.group.dstService.filterId = (&(objectClass=group)(cn={cn}))
  lsc.tasks.group.dstService.pivotAttrs = cn
  </file>
  
- Now we add syncoptions to manage the member attribute. What we want is:
+ Now we add //syncoptions// to manage the member attribute. What we want is:
    * For each uniqueMember value (which is a user DN) of the srcBean entry:
      * Find uid value of the user entry on source directory
      * Search corresponding entry in destination directory with the filter (sAMAccountName=$uid)
      * Find DN of the found entry in destination directory
      * Check if this value is not null and push it in member values
  
- We must use LQL to do that (see [[http://lsc-project.org/apidocs/org/lsc/jndi/ScriptableJndiServices.html|ScriptableJndiServices javadoc]]). ANd as we will use some javascript code, we must change the default delimiter (which is ';').
+ We must use LQL to do that (see [[http://lsc-project.org/apidocs/org/lsc/jndi/ScriptableJndiServices.html|ScriptableJndiServices javadoc]]). And as we will use some javascript code, we must change the default delimiter in the configuration file (which is ';').
  
  Here is the correct syntax:
  <file>
  # Synchronization options



-- 
This mail was generated by DokuWiki at
http://lsc-project.org/wiki/



More information about the lsc-changes mailing list